conwnet / github1s

One second to read GitHub code with VS Code.
https://github1s.com
MIT License
22.82k stars 865 forks

GitHub Auth Callback #477

Closed nicklpeterson closed 1 year ago

nicklpeterson commented 1 year ago

Hi, thanks for making this awesome project! I'm working on setting it up for my organization on GitHub Enterprise Server and ran into an issue with the OAuth2 flow. When GitHub redirects back, we end up with a URL localhost:5000?code=xxx, but it appears the POST request to get the access token is never made. Could you explain what the correct callback URL should be? Currently I'm working on it on localhost, with the plan to deploy at git1s.myorg.com.

welcome[bot] commented 1 year ago

Hello there! 👋 Welcome to the project! 💖 Thank you and congrats 🎉 for opening your very first issue in this project. Be patient while we get back to you. 😄

github-actions[bot] commented 1 year ago

Hello there nicklpeterson 👋

Welcome to github1s!! 💖🥳

Thank you and congratulations 🎉 for opening your very first issue in this project. github1s fosters an open and welcoming environment for all our contributors. 🌸

In case you want to claim this issue, please comment down below! We will try to get back to you as soon as we can. 👀

Feel free to visit github1s.com. 👩‍💻 If you have any interesting ideas, just open an issue. We would love to hear from you and engage in discussions.

conwnet commented 1 year ago

The whole auth process follows the GitHub Authorizing OAuth Apps documentation.

The detailed steps for authenticating GitHub1s to GitHub:

  1. The user clicks the 'Connect to GitHub' button on the github1s auth page.
  2. GitHub1s runs a custom command which is implemented here. As you see, it will open the GitHub OAuth page (https://github.com/login/oauth/authorize?scope=repo,user:email&client_id=${client_id}) in a new window (notice the client_id is provided by GitHub when you register an OAuth App), then open a message listener to wait for the OAuth token that is sent back in Step 4.
  3. Once the user agrees to the OAuth request, GitHub will redirect to the Authorization callback URL which was filled in when you registered the OAuth App, and provide a temporary code in the URL search parameters.
  4. The implementation of the Authorization callback URL is here; it is a Serverless Function that is deployed on Vercel. It will use the code (received in Step 3), client_id (obtained when registering) and client_secret (obtained when registering) to exchange for the OAuth token with GitHub. Then it uses the postMessage API to send the token back to GitHub1s (the message listener is registered in Step 2).
  5. Finally, GitHub1s gets the OAuth token and uses it to read the data of the repository.

If you deploy it yourself, you should register your own GitHub OAuth App, and set up the Authorization callback URL yourself.

Hope the above content is helpful to you.
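
Steps 2 to 4 of the flow above, sketched as an added example (it is not code from the github1s repository or from any participant in this thread). All function names and `CONFIG` values are constructed; pinning the `postMessage` target origin and checking `event.origin` in the listener are hardening choices assumed here, not a description of what github1s does.

```javascript
// Added example; CONFIG values and all function names are constructed for illustration.
const CONFIG = {
  githubBase: 'https://github.com', // on GitHub Enterprise Server: your server's base URL
  clientId: 'CLIENT_ID_PLACEHOLDER',
  clientSecret: 'CLIENT_SECRET_PLACEHOLDER', // stays server-side, never sent to the browser
  appOrigin: 'http://localhost:5000', // origin of the window that opened the OAuth page
};

// Step 4, part 1: the POST that exchanges the temporary code for a token.
function buildTokenRequest(code, cfg) {
  const body = new URLSearchParams({
    client_id: cfg.clientId, client_secret: cfg.clientSecret, code,
  }).toString();
  return {
    url: `${cfg.githubBase}/login/oauth/access_token`,
    options: {
      method: 'POST',
      headers: { Accept: 'application/json', 'Content-Type': 'application/x-www-form-urlencoded' },
      body,
    },
  };
}

// Step 4, part 2: the page served at the callback URL, which hands the result to the opener.
// The target origin is pinned so the browser delivers the token to that origin only.
function renderCallbackPage(result, cfg) {
  // Escape "<" so a value in the response cannot terminate the script element.
  const payload = JSON.stringify(result).replace(/</g, '\\u003c');
  const target = JSON.stringify(cfg.appOrigin);
  return `<script>window.opener && window.opener.postMessage(${payload}, ${target});window.close();</script>`;
}

// Serverless-style handler joining both parts; fetchImpl is injectable so it can run offline.
async function handleCallback(query, cfg, fetchImpl = fetch) {
  if (!query.code) return { status: 400, body: renderCallbackPage({ error: 'missing_code' }, cfg) };
  const { url, options } = buildTokenRequest(query.code, cfg);
  const data = await (await fetchImpl(url, options)).json();
  const ok = typeof data.access_token === 'string';
  const result = ok ? { access_token: data.access_token } : { error: data.error || 'exchange_failed' };
  return { status: ok ? 200 : 401, body: renderCallbackPage(result, cfg) };
}

// Step 2, listener side: accept a token only from the callback page's own origin.
function isTrustedAuthMessage(event, callbackOrigin) {
  return event.origin === callbackOrigin && typeof event.data?.access_token === 'string';
}
```

If the redirect lands on a URL that serves the application itself rather than a handler like this one, the `code` stays in the address bar and no token exchange happens, which matches the symptom in the question.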

nicklpeterson commented 1 year ago

Thank you! That is very helpful.